“Let me be represented as one who trusts his senses, who thinks he knows the things he sees and feels, and entertains no doubts of their existence.” -- Bishop Berkeley

News

Loading...

Tuesday, August 19, 2008

Stealer of Names

Excerpts from a long discussion of codes and ciphers, keeping our codes-and-ciphers-loving friends at bay...

"...and also perhaps easy to nail as all created by the same person, so I guess I won't be using very many symbols." This is a common direction of attack on codes and ciphers, as testified by stories of the WWII years; messages in the process of decryption would be filed with other messages presumed by analysis to have come from the same author's cleartext, or coding habits. Thus one typical paradox: versatility, or optionality, in encrypting, intended to make code more diverse and therefore harder to decrypt, often made it easier by admitting the deadliest of vulnerabilities, the dirty living human mind.

My father used to demonstrate one of the characteristic weaknesses of the human mind. He would invite students up to the blackbroad, er, blackboard and ask them to write down out of their heads a string of random digits. When they began show signs of extreme fatigue (almost always within a hundred digits), he would have mercy and then immediately show a dozen or more patterns.

Yet, again, paradoxically, choice could avoid problems: perhaps more than any exploitation of weakness in cracking codes and ciphers in WII against them (against us, I'm sure, as well) was the repitition of messages or key parts of messages because of technical difficulties in transmission or reception. Again, the paradox: If the exact same message was retransmitted, obviously, if we had the entire message already, we learned nothing. But, usually, protocol required that this transmission required use of Book 093253, rather than the previous Book 772514. This was frequently invaluable, given the hypothesis that the clear was the same.

"I am sorry that having received that...system from you--which you designed especially for my requirements and capabilities!--I am instead using one that could be invented by a four-year-old child and deciphered by another. However, I need it to be this easy. As Theodore Sturgeon or someone like that once said, if I take more than a few seconds to enter the system, it's as if I wrote of a lover rushing up the street to his lady friend's house, trying to maintain a firm hold on a bottle of Chartreuse and two dozen yellow roses, imagining the delights that lie ahead--and then explaining the workings of the doorbell he presses to get to her."

"...for all I know, you've had experiences like mine with Yahoo, where my suggested login of desuetude was rejected because someone had that! Who, in the 21st century, other than me, would ask to be named desuetude on Yahoo? I could, and should, write to the guy and ask him how he happens to know the word. This might very well make for a good story. My guess is that someone had had kageyama and had very recently let it expire, which a logon does if you don't use it for six months. As Nabokov says in Lolita, 'With a drunken sob of gratitude, I accepted it.' (Are you aware that a major reason why the movie of Lolita is so good is that Nab insisted on writing the screenplay himself? If you haven't seen James Mason's face conveying that drunken sob of gratitude, it's worth the price of admission.)" (Yes, I am.)

You're quite right. No one would have asked to be named desuetude on Yahoo in the 14th Century. They might, however, have viewed a request to any instrumentality outside the Church for any boon having to do anything with names almost as a signpost plastered with the word "SATAN," and you had been toast (literally).

"Someone had tried to hijack kageyama! Inexpertly, though. An attempt of this clumsy sort had been anticipated. Obviously, this guy would have had to ask that he himself be sent the URL for the unique little web site at which he would substitute his password for mine. However, when the original request goes to the admins, they simply glance at it, understand that someone wants a password changed, and send something very like the email they sent me to the email address (which is invisible to the hijacker) associated with the username. So much for Stealer of Names, a fine old Arabic cognomen that loses nothing in translation. I should use it for a gmail account."